WO2015095277A1 - Offline queries in software defined networks - Google Patents


Publication number
WO2015095277A1
WO2015095277A1 PCT/US2014/070749 US2014070749W WO2015095277A1 WO 2015095277 A1 WO2015095277 A1 WO 2015095277A1 US 2014070749 W US2014070749 W US 2014070749W WO 2015095277 A1 WO2015095277 A1 WO 2015095277A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
rtt
sdn
network
time
Application number
PCT/US2014/070749
Inventor
Hui Zhang
Behnaz Arzani
Franjo Ivancic
Junghwan Rhee
Nipun Arora
Guofei Jiang
Original Assignee
Nec Laboratories America, Inc.
Application filed by Nec Laboratories America, Inc.
Priority to JP2016539266A (patent JP6293283B2)
Priority to EP14873041.9A (patent EP3085030B1)
Publication of WO2015095277A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/42 Centralised routing
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12 Discovery or management of network topologies
    • H04L41/14 Network analysis or design
    • H04L41/145 Network analysis or design involving simulating, designing, planning or modelling of a network
    • H04L41/40 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/10 Active monitoring, e.g. heartbeat, ping or trace-route
    • H04L43/106 Active monitoring, e.g. heartbeat, ping or trace-route using time related information in packets, e.g. by adding timestamps
    • H04L43/20 Arrangements for monitoring or testing data switching networks the monitoring system or the monitored elements being virtualised, abstracted or software-defined entities, e.g. SDN or NFV
    • H04L45/64 Routing or path finding of packets in data switching networks using an overlay routing layer
    • H04L45/645 Splitting route computation layer and forwarding layer, e.g. routing according to path computational element [PCE] or based on OpenFlow functionality
    • H04L43/08 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0852 Delays
    • H04L43/0864 Round trip delays
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H04L47/28 Flow control; Congestion control in relation to timing considerations
    • H04L47/283 Flow control; Congestion control in relation to timing considerations in response to processing delays, e.g. caused by jitter or round trip time [RTT]

Definitions

  • the routing paths may be searched by repeating, for each key in RoutingTree(S 0 ), a depth-first search. Whenever a leaf node is reached, the complete path from the root node to the leaf node is recorded with the concatenated per-node value information in the format of an ordered list. These lists may then be returned to the users to represent the recorded precise routing paths.
  • embodiments described herein may be entirely hardware, entirely software or including both hardware and software elements.
  • the present invention is implemented in hardware and software, which includes but is not limited to firmware, resident software, microcode, etc.
  • Embodiments may include a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system.
  • a computer-usable or computer readable medium may include any apparatus that stores, communicates, propagates, or transports the program for use by or in connection with the instruction execution system, apparatus, or device.
  • the medium can be magnetic, optical, electronic, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium.
  • the medium may include a computer-readable storage medium such as a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk, etc.
  • a data processing system suitable for storing and/or executing program code may include at least one processor coupled directly or indirectly to memory elements through a system bus.
  • the memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code to reduce the number of times code is retrieved from bulk storage during execution.
  • I/O devices including but not limited to keyboards, displays, pointing devices, etc. may be coupled to the system either directly or through intervening I/O controllers.
  • Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks.
  • Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
  • a processor 302 interfaces with a memory 304 to identify and output the paths that a given packet may take through an SDN 100.
  • a controller proxy module 306 receives information from the SDN controller 118 and stores control messages in the memory 304 as control plane logs 308. In addition, the proxy 306 stores network topology information 310 and any available network status information such as mean RTT time and RTT variance.
  • a user interface 312 interfaces with query engine 314 to provide a user with the ability to enter a query for a specific packet at a given timestamp.
  • the packet information includes packet headers.
  • the query may furthermore optionally include information relating to the initial switch at which the packet entered the network 100.
  • the query engine 114 provides the user's query to a network emulator 316 which uses a processor 302 to emulate the network 100 based on the control plane logs 308 and the stored network topology, creating a set of possible paths that the packet could have taken through the network. These possible paths are then displayed to the user through the user interface 312.

Abstract

Methods and systems for finding a packet's routing path in a network includes intercepting control messages sent by a controller to one or more switches in a software defined network (SDN). A state of the SDN at a requested time is emulated and one or more possible routing paths through the emulated SDN is identified by replaying the intercepted control messages to one or more emulated switches in the emulated SDN. The one or more possible routing paths correspond to a requested packet injected into the SDN at the requested time.

Description

OFFLINE QUERIES IN SOFTWARE DEFINED NETWORKS
RELATED APPLICATION INFORMATION
[0001] This application claims priority to provisional application number 61/917,072, filed December 17, 2013, and the contents thereof are incorporated herein by reference.
BACKGROUND OF THE INVENTION
[0002] Software defined networks (SDNs) feature an emerging class of network architectures called forwarding architectures. These architectures split control plane decision-making off from data plane forwarding. In doing so, they enable custom programmability and centralization of the control plane while allowing for commodity high-throughput, high-fanout data plane forwarding elements.
[0003] However, debugging operational SDNs can be a daunting task due to their size, distributed state, and high complexity in the controller software. The debugging tool set available to network operators is limited. Existing debugging solutions use online packet or flowtable dumping in SDN switches to determine the precise routing paths that data packets took in the network, each of which has its own drawbacks.
BRIEF SUMMARY OF THE INVENTION
[0004] A method for finding a packet's routing path in a network includes intercepting control messages sent by a controller to one or more switches in a software defined network (SDN). A state of the SDN at a requested time is emulated and one or more possible routing paths through the emulated SDN is identified by replaying the intercepted control messages to one or more emulated switches in the emulated SDN. The one or more possible routing paths correspond to a requested packet injected into the SDN at the requested time.
[0005] A system for finding a packet's path in a network includes a proxy configured to intercept control messages sent by a controller to one or more switches in an SDN. A network emulator comprising a processor is configured to emulate a state of the SDN at a requested time and to identify one or more possible routing paths through the emulated SDN by replaying the intercepted control messages to one or more emulated switches in the emulated SDN. The one or more routing possible paths correspond to a requested packet inserted into the SDN at the requested time.
BRIEF DESCRIPTION OF THE DRAWINGS
[0006] FIG. 1 is a block/flow diagram illustrating a software defined networking (SDN) shadow system in accordance with the present principles.
[0007] FIG. 2 is a block/flow diagram illustrating the reconstruction of switch control states in an SDN in accordance with the present principles.
[0008] FIG. 3 is a block diagram of an SDN shadow system in accordance with the present principles.
DETAILED DESCRIPTION
[0009] Embodiments of the present invention support offline queries on the precise routing paths that data packets take in a forwarding architecture network without instrumentation or tracing in software defined networking (SDN) switches. This includes recording the control messages exchanged between an SDN controller and switches, along with measurements of the network latency between the SDN controller and switches.
[0010] Referring now to FIG. 1, an exemplary forwarding architecture network is shown. A software defined network 100 includes a source host 101 which communicates with a destination host 104 via, in this case, a first switch 102 and a second switch 103. It should be understood that the precise path of packets from the source host 101 to the destination host 104 can change as the logical network structure is reconfigured by switches 102 and 103.
[0011] Control messages between the switches 102 and 103 and a controller 118, which change flow tables in the switches 102 and 103, are recorded, along with measurements of the network latency between the controller 118 and the switches 102 and 103. To accomplish this, an SDN Shadow block 106 is interposed between the controller 118 and the SDN 100. The primary purpose of the control messages is to add, delete, and modify flow/group entries in the flow tables and to set switch port properties. A proxy 108 intercepts control messages from SDN controller 118 and stores them in control plane logs 110. The control messages can be obtained by using existing tools, such as packet sniffers, or by specialized plugins in the controller software, to create a local copy. The proxy 108 also records the time that each control message is sent and the network latency, in round trip time, between the controller 118 and the switches 102 and 103. At the beginning of recording, the proxy 108 also logs a snapshot of the flow tables in the switches if they are not empty and logs the SDN network topology information, including switch information, network links between switches, and last-hop links between switches and interested hosts.
[0012] To find path information, control message traces are played back in a network emulator upon a precise routing path query for a data packet at a certain time in the recording period in the query engine 114, using information from network topology storage 112. The query engine 114 offers a user interface to take a data packet and time stamp as inputs and runs the network emulator to replay the selected set of recorded control messages to determine the path the data packet could take if it were injected into the SDN 100 at the time specified. Possible flow table states at the switches in question are reconstructed and the possible routing paths that the data packet in question could take are found at path API 116. Optionally the possibilities assigned to those routing paths are calculated. This information is output in block 120 and may be in the form of an ordered list that encodes the switches traversed, the switch input and output ports, and a matched flow entry.
[0013] Accepting the query input in the query engine 114 includes receiving a packet event, defined by the packet, the time, and an input switch. The packet may be in the format of a network packet that includes an Ethernet frame and IP header. Time T specifies the time when the packet entered the SDN network 100. The input switch information is optional and may specify the first switch and port where the packet arrived in the network 100. Contrary to existing path-oriented request tracing solutions, the query engine 114 allows users to input a packet event in the format <packet X, time T, [switch S0:portIn]> and receive a reply on the precise path information that the network packet could take in the network 100.
[0014] Rebuilding the switch flow tables selects a subset of the recorded control messages and creates an emulation of the original SDN network with the recorded network topology information, re-injects the selected set of control messages through an emulated controller to the emulated switches, and then dumps the related flow table entry information from all the emulated switches.
[0015] The emulation information is then searched to find which switches and routing rules the packet could pass through, constructing precise routing paths. The path API 116 outputs paths with the format of an ordered list as described above to generate the output 120.
[0016] Referring now to FIG. 2, detail on the reconstruction of the control state 200 is shown. Block 202 selects recorded control messages given an input packet and a queried arrival time. Block 202 finds the set of recorded control messages that could possibly affect routing decisions for the packet. If the user provides the first hop switch information, the starting switch set is initialized accordingly. Otherwise, the starting switch set is initialized as including all available switches and their ports. For each first-hop switch, a mean return trip time (RTT) between the controller 118 and the switch is computed and a respective variance is determined. This is based on network latency information recorded by the proxy 108.
[0017] A starting time $T_s$ is determined, defined as the time before which switch states will not influence routing decisions for the packet. If, for every control message that is sent to a switch matching the packet and incoming port on the packet fields, the control message has a recorded time stamp $T_i$ that satisfies:
$T_i + \tfrac{1}{2}E_{RTT} + k\sigma_{RTT} < T_0$ OR $T_i + \tfrac{1}{2}E_{RTT} - k\sigma_{RTT} > T_0$
then $T_s = T_0$, where $E_{RTT}$ is the mean RTT, $\sigma_{RTT}$ is the variance on the RTT, $T_0$ is the input timestamp, and $k$ is the Z-value in the statistical confidence interval. If not, then $T_s = T_x + \tfrac{1}{2}E_{RTT} - k\sigma_{RTT}$, where $T_x$ is the time stamp of the earliest control message matching the packet and violating the above condition.
[0018] All recorded control messages sent to the respective initial switch are selected which have time stamps no later than Ts and contain flow table entries matching the packet and incoming port on the packet fields. These control messages are put in a time-ordered list. If there are no such messages, then the switch in question is removed from consideration as an initial switch. If there are no switches having such control messages, then the user is informed that no valid path was found.
[0019] Creating the emulated network in block 204 uses the recorded network topology information 112 to form an emulated network having the same topology as the traced SDN network 100.
[0020] Reconstructing the flow table in block 206 uses the packet, the input timestamp $T_s$, and the results of blocks 202 and 204 to reconstruct switch flow table entries that affect the packet's routing decisions. Reconstruction begins with initializing all of the flow tables of all emulated switches with logged snapshots. An emulated controller sends recorded control messages to each emulated switch in time order until the first message is found that goes through without generating an error message and that has a time stamp $T_{c0}$ such that $T_{c0} + \tfrac{1}{2}E_{RTT} - k\sigma_{RTT} \cap [T_s, T_s + T_D] \neq \emptyset$ and $T_{c0} + \tfrac{1}{2}E_{RTT} + k\sigma_{RTT} \cap [T_s, T_s + T_D] \neq \emptyset$, where $T_D$ is the maximum time a packet can remain in the network and is a function of network diameter. This message and any remaining control messages satisfying the same conditions are copied into a time ordered list called Potential(S0) that includes all of the control messages that potentially affect the routing decision on the packet at the switch S0.
[0021] Three hash tables are initialized: RoutingTree(S0), storedStates(S0), and storedHops(S0). The packet is applied to the current flow table of the emulated switch S0 and the first flow table entry E having an output action and matching the packet and incoming port is found. If no entry is found, then there is no forwarding action for the packet at this point. If the list Potential(S0) is not empty, the next control message is selected and applied to the current flow table. This is repeated until either Potential(S0) is empty or a matching entry is found.
[0022] The entry's output action specifies the next port. If RoutingTree(S0) already includes an entry corresponding to the same switch and next port, then the next control message is selected and applied to the current flow table to search for new next ports. Otherwise, a new hash table entry is created and inserted into RoutingTree(S0).
[0023] The stored network topology information is used to find the other end of the network link connected to the next port. If there is no such link information, then the next control message is selected and applied to the current flow table. Otherwise processing continues from the connected switch (called the current switch in the following) and port.
[0024] All control messages sent to the current switch, having a timestamp no later than Ts and having control flow table entries that match the packet and incoming port on the packet fields, are put into a time ordered list activeMSG. If the list is empty, the hash table for the entry is updated to indicate in the tree that a dead end has been reached. If there are entries in the list, the emulated controller sends the control messages in the list to the emulated current switch in the same time order until the first message is found that satisfies the same timestamp condition set forth above.
[0025] The qualifying messages are copied into a time ordered list Potential(currentSwitch), as these messages potentially affect the routing decision on the packet. They are used to record all possible next-hop routing decisions for the packet in the current switch. The packet is applied to the current flow table of the emulated switch currentSwitch and the first flow table entry F having an output action and matching the packet and incoming port is found. If there is no such entry, and if Potential(currentSwitch) is not empty, the first control message in the list is selected and applied to the emulated switch currentSwitch. The message is removed from Potential(currentSwitch).
[0026] The output action of F specifies the next port. The hash table is updated with an entry identifying the next port. If there is already an entry in storedHops(S0) for currentSwitch on the current input point then a routing loop is detected and the message is removed from Potential(S0). Otherwise, a new key is inserted into storedHops(S0).
[0027] If Potential(currentSwitch) is empty or uninitialized, the state is rolled back to the previous switch and the entry for the hop is deleted from storedStates(S0) and storedHops(S0). The entire set of potential messages is recursively evaluated in this way to build a set of one or more possible paths that the packet could have taken through the network 100. Once RoutingTree(S0) is complete, it can be searched for feasible routing paths to generate the output 120.
[0028] The routing paths may be searched by repeating, for each key in RoutingTree(S0), a depth-first search. Whenever a leaf node is reached, the complete path from the root node to the leaf node is recorded with the concatenated per-node value information in the format of an ordered list. These lists may then be returned to the users to represent the recorded precise routing paths.
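The replay and search described in paragraphs [0018] to [0028] can be condensed into the following added example, which is a simplified sketch and not code from the application. It assumes the query timestamp is used directly as Ts, treats a control message as "potential" when its estimated arrival window overlaps [Ts, Ts + TD], matches on destination address only, and treats an output port with no recorded link as the packet leaving the network; all names, statistics, topology and log entries are constructed.

```python
from dataclasses import dataclass

# Constructed network statistics (ms): mean RTT, RTT spread, Z-value, max packet lifetime
E_RTT, SIGMA_RTT, K, T_D = 4.0, 0.5, 2.0, 10.0

@dataclass(frozen=True)
class CtrlMsg:
    t: float        # timestamp recorded by the controller proxy
    switch: str
    in_port: int
    dst: str        # the only header field matched in this sketch
    out_port: int

def classify(msg, ts):
    """Place the message's arrival window relative to [ts, ts + T_D]."""
    mid = msg.t + E_RTT / 2
    lo, hi = mid - K * SIGMA_RTT, mid + K * SIGMA_RTT
    if hi < ts:
        return "applied"      # certainly installed before the packet entered
    if lo > ts + T_D:
        return "late"         # certainly installed after the packet left
    return "potential"        # may or may not have been in force

def next_ports(log, switch, in_port, dst, ts):
    """Every output port the packet may have taken at this switch."""
    ports, current = [], None
    for m in sorted(log, key=lambda m: m.t):          # replay in time order
        if (m.switch, m.in_port, m.dst) != (switch, in_port, dst):
            continue
        kind = classify(m, ts)
        if kind == "late":
            continue
        if kind == "potential" and current is not None and current not in ports:
            ports.append(current)                     # state before it landed
        current = m.out_port                          # state after it landed
    if current is not None and current not in ports:
        ports.append(current)
    return ports

def possible_paths(log, links, switch, in_port, dst, ts, hops=()):
    """Depth-first enumeration of all paths consistent with the log."""
    here = (switch, in_port)
    trail = tuple(s for s, _ in hops) + (switch,)
    if here in hops:                                  # same switch and port seen twice
        return [trail + ("LOOP",)]
    paths = []
    for port in next_ports(log, switch, in_port, dst, ts):
        peer = links.get((switch, port))
        if peer is None:                              # assumption: unlinked port = egress
            paths.append(trail + (f"EGRESS:{port}",))
        else:
            paths += possible_paths(log, links, *peer, dst, ts, hops + (here,))
    return paths or [trail + ("DEAD_END",)]

# Constructed topology: (switch, out_port) -> (peer switch, peer in_port)
LINKS = {("S1", 2): ("S2", 1), ("S1", 3): ("S3", 1),
         ("S2", 2): ("S4", 1), ("S3", 2): ("S4", 2)}
DST = "10.0.0.9"
# Constructed control-plane log
LOG = [CtrlMsg(0.0, "S1", 1, DST, 2), CtrlMsg(0.0, "S2", 1, DST, 2),
       CtrlMsg(0.0, "S3", 1, DST, 2), CtrlMsg(0.0, "S4", 1, DST, 3),
       CtrlMsg(0.0, "S4", 2, DST, 3),
       CtrlMsg(98.5, "S1", 1, DST, 3),    # reroute racing the packet at Ts = 100
       CtrlMsg(200.0, "S2", 1, DST, 9)]   # long after the packet left

if __name__ == "__main__":
    for p in possible_paths(LOG, LINKS, "S1", 1, DST, ts=100.0):
        print(" -> ".join(p))
```

For an investigator, the useful property is that a reroute whose arrival cannot be ordered against the packet yields both candidate paths, so neither can be ruled out from the control-plane log alone.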
[0029] It should be understood that embodiments described herein may be entirely hardware, entirely software or including both hardware and software elements. In a preferred embodiment, the present invention is implemented in hardware and software, which includes but is not limited to firmware, resident software, microcode, etc.
[0030] Embodiments may include a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system. A computer-usable or computer readable medium may include any apparatus that stores, communicates, propagates, or transports the program for use by or in connection with the instruction execution system, apparatus, or device. The medium can be magnetic, optical, electronic, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium. The medium may include a computer-readable storage medium such as a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk, etc.
[0031] A data processing system suitable for storing and/or executing program code may include at least one processor coupled directly or indirectly to memory elements through a system bus. The memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code to reduce the number of times code is retrieved from bulk storage during execution. Input/output or I/O devices (including but not limited to keyboards, displays, pointing devices, etc.) may be coupled to the system either directly or through intervening I/O controllers.
[0032] Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
[0033] Referring now to FIG. 3, an SDN shadow system 300 is shown. A processor 302 interfaces with a memory 304 to identify and output the paths that a given packet may take through an SDN 100. A controller proxy module 306 receives information from the SDN controller 118 and stores control messages in the memory 304 as control plane logs 308. In addition, the proxy 306 stores network topology information 310 and any available network status information such as mean RTT time and RTT variance.
[0034] A user interface 312 interfaces with query engine 314 to provide a user with the ability to enter a query for a specific packet at a given timestamp. The packet information includes packet headers. The query may furthermore optionally include information relating to the initial switch at which the packet entered the network 100. The query engine 114 provides the user's query to a network emulator 316 which uses a processor 302 to emulate the network 100 based on the control plane logs 308 and the stored network topology, creating a set of possible paths that the packet could have taken through the network. These possible paths are then displayed to the user through the user interface 312.
[0035] The foregoing is to be understood as being in every respect illustrative and exemplary, but not restrictive, and the scope of the invention disclosed herein is not to be determined from the Detailed Description, but rather from the claims as interpreted according to the full breadth permitted by the patent laws. Additional information is provided in Appendix A to the application. It is to be understood that the embodiments shown and described herein are only illustrative of the principles of the present invention and that those skilled in the art may implement various modifications without departing from the scope and spirit of the invention. Those skilled in the art could implement various other feature combinations without departing from the scope and spirit of the invention.

Claims

CLAIMS:
1. A method for finding a packet's routing path in a network, comprising:
intercepting control messages sent by a controller to one or more switches in a software defined network (SDN);
emulating a state of the SDN at a requested time; and
identifying one or more possible routing paths through the emulated SDN by replaying the intercepted control messages to one or more emulated switches in the emulated SDN, wherein said one or more possible routing paths correspond to a requested packet injected into the SDN at the requested time.
2. The method of claim 1, further comprising receiving a query that comprises a packet and a timestamp T0 identifying the time at which the packet entered the SDN.
3. The method of claim 2, wherein the query further comprises an initial switch and port at which the packet entered the SDN.
4. The method of claim 1, wherein identifying one or more possible routing paths comprises reconstructing flow table states of the one or more emulated switches based on the intercepted control messages and round trip time (RTT) information.
5. The method of claim 4, wherein identifying one or more possible routing paths comprises recursively building a tree of possible routing paths by selectively replaying control messages based on their timing in an emulated network and discovering all potential next-hops starting from an initial switch.
6. The method of claim 4, wherein further comprising determining a starting time Ts, defined as the time before which switch states will not influence routing decisions for the packet, as Ts = T0 if, for every control message that is sent to a switch matching the packet and incoming port on the packet fields, the control message has a recorded time stamp Ti that satisfies:
$T_i + \frac{E_{RTT}}{2} + k\sigma_{RTT} < T_0$ OR $T_i + \frac{E_{RTT}}{2} - k\sigma_{RTT} > T_0$
where $E_{RTT}$ is the mean RTT, $\sigma_{RTT}$ is the variance on the RTT, $T_0$ is the input timestamp, and k is the Z-value in the statistical confidence interval, and $T_s = T_x + \frac{E_{RTT}}{2} - k\sigma_{RTT}$ otherwise, where Tx is the time stamp of the earliest control message matching the packet and violating the above condition.
7. The method of claim 4, wherein intercepted control messages selected for reconstructing the flow table states are all messages earlier than Tx until the first message whose time stamp Tc0 satisfies $T_{c0} + \frac{E_{RTT}}{2} - k\sigma_{RTT} \cap [T_s, T_s + T_D] \neq \emptyset$ and $T_{c0} + \frac{E_{RTT}}{2} + k\sigma_{RTT} \cap [T_s, T_s + T_D] \neq \emptyset$, where TD is the maximum time a packet can remain in the network and is a function of network diameter, wherein a first selected message and any remaining control messages satisfying the same conditions are copied into a time ordered list that includes all of the control messages that potentially affect the routing decision on the packet at the switch.
8. A system for finding a packet's path in a network, comprising:
a proxy configured to intercept control messages sent by a controller to one or more switches in a software defined network (SDN); and
a network emulator comprising a processor configured to emulate a state of the SDN at a requested time and to identify one or more possible routing paths through the emulated SDN by replaying the intercepted control messages to one or more emulated switches in the emulated SDN, wherein said one or more possible routing paths correspond to a requested packet inserted into the SDN at the requested time.
9. The system of claim 8, further comprising a query engine configured to receive a query that comprises a packet and a timestamp T0 identifying the time at which the packet entered the SDN.
10. The system of claim 9, wherein the query further comprises an initial switch and port at which the packet entered the SDN.
11. The system of claim 8, wherein the network emulator is configured to reconstruct flow table states of the one or more emulated switches based on the intercepted control messages and round trip time (RTT) information.
12. The system of claim 11, wherein the network emulator is further configured to recursively build a tree of possible routing paths by selectively replaying control messages based on their timing in an emulated network and discovering all potential next-hops starting from an initial switch.
13. The system of claim 11, wherein the network emulator is further configured to determine a starting time Ts, defined as the time before which switch states will not influence routing decisions for the packet, as Ts = T0 if, for every control message that is sent to a switch matching the packet and incoming port on the packet fields, the control message has a recorded time stamp Ti that satisfies:
$T_i + \frac{E_{RTT}}{2} + k\sigma_{RTT} < T_0$ OR $T_i + \frac{E_{RTT}}{2} - k\sigma_{RTT} > T_0$
where $E_{RTT}$ is the mean RTT, $\sigma_{RTT}$ is the variance on the RTT, $T_0$ is the input timestamp, and k is the Z-value in the statistical confidence interval, and $T_s = T_x + \frac{E_{RTT}}{2} - k\sigma_{RTT}$ otherwise, where Tx is the time stamp of the earliest control message matching the packet and violating the above condition.
14. The system of claim 11, wherein intercepted control messages selected for reconstructing the flow table states are all messages earlier than Tx until the first message whose time stamp Tc0 satisfies $T_{c0} + \frac{E_{RTT}}{2} - k\sigma_{RTT} \cap [T_s, T_s + T_D] \neq \emptyset$ and $T_{c0} + \frac{E_{RTT}}{2} + k\sigma_{RTT} \cap [T_s, T_s + T_D] \neq \emptyset$, where TD is the maximum time a packet can remain in the network and is a function of network diameter, wherein a first selected message and any remaining control messages satisfying the same conditions are copied into a time ordered list that includes all of the control messages that potentially affect the routing decision on the packet at the switch.
PCT/US2014/070749 2013-12-17 2014-12-17 Offline queries in software defined networks WO2015095277A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2016539266A JP6293283B2 (en) 2013-12-17 2014-12-17 Offline queries in software-defined networks
EP14873041.9A EP3085030B1 (en) 2013-12-17 2014-12-17 Offline queries in software defined networks

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201361917072P 2013-12-17 2013-12-17
US61/917,072 2013-12-17
US14/571,778 US9736064B2 (en) 2013-12-17 2014-12-16 Offline queries in software defined networks
US14/571,778 2014-12-16

Publications (1)

Publication Number Publication Date
WO2015095277A1 true WO2015095277A1 (en) 2015-06-25

Family

ID=53369853

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2014/070749 WO2015095277A1 (en) 2013-12-17 2014-12-17 Offline queries in software defined networks

Country Status (4)

Country Link
US (1) US9736064B2 (en)
EP (1) EP3085030B1 (en)
JP (1) JP6293283B2 (en)
WO (1) WO2015095277A1 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9454575B2 (en) * 2014-03-28 2016-09-27 Hewlett Packard Enterprise Development Lp Processing a metric of a component of a software-defined network
US9692689B2 (en) * 2014-08-27 2017-06-27 International Business Machines Corporation Reporting static flows to a switch controller in a software-defined network (SDN)
US9769060B2 (en) * 2015-07-20 2017-09-19 Schweitzer Engineering Laboratories, Inc. Simulating, visualizing, and searching traffic in a software defined network
US9699064B2 (en) * 2015-07-20 2017-07-04 Telefonaktiebolaget Lm Ericsson (Publ) Method and an apparatus for network state re-construction in software defined networking
CN105933236A (en) * 2016-07-07 2016-09-07 北京邮电大学 Method and device for updating SDN (Software Defined Network) flow table
CN108270675B (en) * 2016-12-30 2020-10-30 中国电信股份有限公司 Flow table implementation controller, forwarding device, system and method
US10425335B2 (en) * 2017-09-19 2019-09-24 Sap Se Reconstructing message flows based on hash values
US20220070091A1 (en) * 2018-12-16 2022-03-03 Kulcloud Open fronthaul network system
US11012315B2 (en) 2019-05-29 2021-05-18 Cisco Technology, Inc. Retroactively detecting state change in a network fabric across times

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060002368A1 (en) * 2004-07-01 2006-01-05 Honeywell International Inc. Latency controlled redundant routing
US20070266143A1 (en) * 2006-05-12 2007-11-15 Motorola, Inc. System and method for distributing proxying error information in wireless networks
US20110013509A1 (en) * 2008-03-21 2011-01-20 Yuan Zhou Network node and method for establishing network path and sending data
CN101141386B (en) * 2006-09-08 2011-04-13 华为技术有限公司 Routing optimization managing method and device

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7650416B2 (en) * 2003-08-12 2010-01-19 Riverbed Technology Content delivery for client-server protocols with user affinities using connection end-point proxies
US7443803B2 (en) * 2004-03-23 2008-10-28 Fujitsu Limited Estimating and managing network traffic
US9054975B2 (en) * 2010-08-30 2015-06-09 Deutsche Telekom Ag Virtualization and replay-based system for network debugging
US8976661B2 (en) * 2012-01-11 2015-03-10 Nec Laboratories America, Inc. Network self-protection
CN105103494B (en) * 2013-01-31 2018-09-25 慧与发展有限责任合伙企业 The network switch emulates
US9979638B2 (en) * 2013-06-19 2018-05-22 Hcl Technologies Limited Systems and methods to construct engineering environment supporting API enablement for software defined networking

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
DANNY YUXING HUANG ET AL.: "High-fidelity switch models for software-defined network emulation. HotSDN 13 Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking", ACM SIGCOMM, 16 August 2013 (2013-08-16), NEW YORK, NY, USA, pages 43 - 48, XP058030686 *
See also references of EP3085030A4 *

Also Published As

Publication number Publication date
EP3085030A4 (en) 2017-09-06
US20150172185A1 (en) 2015-06-18
JP6293283B2 (en) 2018-03-14
EP3085030A1 (en) 2016-10-26
EP3085030B1 (en) 2020-03-25
US9736064B2 (en) 2017-08-15
JP2016541202A (en) 2016-12-28

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 14873041; Country of ref document: EP; Kind code of ref document: A1)
ENP Entry into the national phase (Ref document number: 2016539266; Country of ref document: JP; Kind code of ref document: A)
NENP Non-entry into the national phase (Ref country code: DE)
REEP Request for entry into the european phase (Ref document number: 2014873041; Country of ref document: EP)
WWE Wipo information: entry into national phase (Ref document number: 2014873041; Country of ref document: EP)